Slashdot Mirror


Microsoft, Yahoo Investigate Spam Solution

bllfrnch writes "The NY Times (account required, yada yada) has an article about the suggestion of email postage to stop the advent of spam. Apparently, both Microsoft and Yahoo! support such an initiative, as they are the largest email service providers. Best quote: ''Damn if I will pay postage for my nice list,' said David Farber, a professor at Carnegie Mellon University, who runs a mailing list on technology and policy with 30,000 recipients'."

16 of 596 comments (clear)

  1. Cha ching? by monstroyer · · Score: 5, Interesting

    Paying for postage already exists, it's called a fax.

    This is the worst solution ever and the only reason that MS/Yahoo support it is because of Hotmail/YahooMail. They stand to make huge profits because they host the inboxes of millions of users. Every email received at those accounts would invoice the sender. It's a no brainer for BARRELS OF CASH !!! (tm)

    In fact, there already was a good solution proposed a few weeks ago, by microsoft no less. Combine it with Spam Assassin the way Spam Interceptor does (replacing the C/R component) and the solution is plausible.

    1. Re:Cha ching? by MadCow42 · · Score: 3, Interesting

      Email postage might make sense under one of two conditions:

      1) the recipient gets the postage fee
      2) the ISP that gets the postage fee provides email / internet access to the user for free

      If the ISP gets the cash without providing any FURTHER service, it's nothing more than a cash grab. I would still be likely to maintain a "free" mail account so my friends wouldn't have to pay to email me... I'd just be more likely to filter that heavily for spam.

      MadCow.

      --
      I used to have a sig, but I set it free and it never came back.
    2. Re:Cha ching? by Awptimus+Prime · · Score: 5, Interesting

      Agreed. I've said it before and I will say it again:

      Replace SMTP with a more secure protocol. Give a 12 month window for everyone to upgrade their clients. Then make port 25 filtering mandatory for all ISPs.

      Failure to comply results in no email gateway for your customers. Simple as that.

    3. Re:Cha ching? by Zwoop · · Score: 3, Interesting
      if people just set up their mail servers to force authentication before outgoing mail can be sent, there wouldn't be any problems. Sorry there will be some problems, but I bet it would eliminate a lot of spam.

      Hmmm, what kind of spam would this prevent? Open SMTP relays? Forged From: addresses? Sure, we might get rid of some spam that way, but it will not fix the real problem IMO. It's just too easy to setup your own SMTP spamming server to "bypass" this, unless of course we start requiring SMTP auth in all SMTP traffic (not just from the MUA to MTA). But what a nightmare to maintain the global directory of servers and credentials...

      Also, setting up SMTP auth to work with all possible clients turns out to be somewhat of a pain. I've done it with sendmail, and although it worked nicely "out of the box" for most clients, at least one had serious issues with the SASL and TLS protocols (see this article for instance).

      And yeah, unfortunately there will always be victims out there who will buy from spammers and telemarketers. And there will always be predators ready to take advantage of them, if they can do so. Spam works well because it's virtually free to do, so even with some incredible small "click through" rate, it's profitable.

      Making spamming computational expensive, as has been talked about several times, seems like the best solution right now. I don't particular like this postage stamp solution, although, it certainly addresses the root of the problem, it's too easy/inexpensive to spam.

      -- leif

    4. Re:Cha ching? by Awptimus+Prime · · Score: 4, Interesting

      Actually, they would be insane not to. It would save literally thousands of man hours chasing spammers. Not to mention the gigs of bandwidth saved per year if spam could be eliminated.

      The major industry players would be the 'governing body', as you put it. They have historically played together decently since the dawn of DDOS attacks. Before smurf.c, ISP #1 would typically ignore anything ISP #2 said. That is not how things are these days.

    5. Re:Cha ching? by senatorpjt · · Score: 3, Interesting

      Maybe I'm just an idiot, but I didn't think I was running an open relay either. I tested it with some of the open-relay test webpages, but it turns out that Postfix was allowing relaying from the local /24 subnet on my ISP (which none of the tests would have shown), and it just happened that someone on the subnet noticed.

  2. It's a ridiculous concept by MysteriousMystery · · Score: 5, Interesting

    It's a ridiculous concept really, the reasons email has become successful to begin with is that it's fast and free. If you charge for email, people will just move over to instant messengers or other systems. And how do you enforce charging people who you may or may not be able to track, the proposal to charge for spam based on the reciever's choice is absolutely ridiculous.

  3. I like the computational challenge solution better by kcornia · · Score: 4, Interesting

    Asking the sender to process a quick math question seems a better solution to me.

    Spam boxes would be prohibitively expensive due to the heavy requirements for sending millions of spams, and it would have the added benefit of notifying people when their box has been owned due to 100% processor utilization on said owned relay box.

    The money option just sounds like pushing for a new revenue stream. To heck with that.

  4. I hate spam but... by dolo666 · · Score: 4, Interesting

    How will this affect websites sending their users emails from requested sources?

    Like I'm the programmer of Gemsites, a Slashdot clone. When we register a user, we shoot them an email. So are we going to have to pay money to do that?

    Because that would be totally stupid, and it would possibly put an end to discussion websites that require logons to validate users, unless there was a method to bypass the charge for sending email.

    The way Microsoft will turn it, would be that we all *should* be paying per email, because of this reason or that reason. Bottom line is Billy Goat Gates on his mountain of cash, trying to pile up more of it.

  5. I think I have a better solution. by mikeophile · · Score: 4, Interesting
    Instead of billing the sender of bulk email, why can't the receiver bill the service provider who permitted the bulk email to be sent in the first place?

    What you say? Microsoft would get huge bills because of the abusers of it's Hotmail service? That would be a pity, wouldn't it?

  6. Why can't DNS solve spam??? by clusterix · · Score: 5, Interesting

    Why can't MX records become required to list all in AND out going official SMTP for a domain. From then on, SMTP servers could reject non matching MXed sender IPs and if spam does get through - you know you to blame.

  7. Goodmail just wants to eliminate all free spam by Thagg · · Score: 3, Interesting

    The Goodmail "solution" is the worst of all possible worlds. What they want to do is convince people doing spam filtering that paid-for spam should still go through. They want to raise the quality of the spam, not get rid of it.

    Please. That's not the answer.

    thad

    --
    I love Mondays. On a Monday, anything is possible.
  8. Post a postage bond... by jordandeamattson · · Score: 4, Interesting

    Actually, this problem can be solved without charging postage on each and every piece of email.

    The problem can be addressed by putting people at risk of being charged postage. This can be done by requiring that senders post a bond of say 1/10 of 1 cent per item sent.

    If you are sending 30,000 pieces of mail a week, your bond would only be $30.00. If people like your email, you will never have to pay the toll, but if they don't like it, then you will be subject it.

    The folks that will be caught in this web are spammers and direct marketers. They send millions of spams in the hope that just a few folks will bite. If we raise their cost of doing it above the return, they will be out of business ASAP.

    The only way to kill spam, which depends on a frictionless mailing process, is to introduce some friction (i.e. cost) into the system.

    Yours,

    Jordan

  9. Stop Email Newsletters; Switch to RSS by rjamestaylor · · Score: 3, Interesting
    Philip Greenspun, I believe, commented at the height of Internet Hype email was still the killer app of the Internet, not the web. Indeed in 2000, iirc, Dave Winer sent out an email newsletter wherein he stated his amazement that more people rely on his newsletter for updates than visit his dymnamically updated website. No mystery to me: emailed newsletters require no action on my part except subscribing (and not always that is required, which is why we're discussing spam, eh?), has a familiar interface that my Mom, a grandmother many times over, has no trouble mastering, and is well-supported by various vendors. But email is overrun with spam, worms and viruses ... and forwarded conspiracies from grandmothers (*ahem*).

    But another method of delivering news is available to content serializers: RSS feeds. RSS feeds allow for true "push" content delivery like email. But, RSS feeds are not as easy to grasp, access or view as email.

    Proposal: create an add-in RSS feed aggregator into common email platforms such as Outlook, Outlook Express, Mozilla, Eudora, pine (kidding), etc. Build content creation mechansism into the same email clients with the ability to post the feeds to a public directory (Google? Anyone listening?) with various subscription options on both ends.

    This way email could be returned to a person-to-person(s) communication tool for low-volume communication needs; content aggregators could better server their readers/viewers and we can all experience whirrled peas.

    Whatever. Anyway, just an idea -- what thinkest thou?

    --
    -- @rjamestaylor on Ello
  10. I WILL SAY IT AGAIN... by quork · · Score: 3, Interesting

    There already is a solution... It is called a digital signature and comes from a Certificate Authority. Couldn't ISP's, Yahoo, or even Hotmail be required to issue PKI certificates to a paying user? Email administrators would then have the option of dropping any email that wasn't digitaly signed (as coming from a legitimate CA). This digital signature would shed light on the responsible parties involved in sending SPAM. Then fines could be levied on the guilty parties. Screw the stamp people. I already pay for the privilage of sending email. Digital Signatures are free!

    --
    gllshhht...
  11. Don't pay the ISP. Pay the recipient. by uncadonna · · Score: 4, Interesting
    If the recipient replies or authorizes, they forego the fee.

    Advantages: real email stays free, spam costs, microtransaction standards emerge.

    Disadvantages: Microsoft and Yahoo don't make as much money. Sorry.

    --
    mt